v3.14.0
Haven v3.14.0
Added
- #5344: Registration token gate. New admin-controlled token that sits alongside (or instead of) the username whitelist on the registration page. When enabled in Settings → Admin → Whitelist, anyone signing up must enter the 16-char hex token the admin generated. Generate / Reroll / Copy / Clear buttons. New
GET /api/auth/registration-infoexposes only arequiresTokenboolean so the field can show on demand without ever leaking the token. Whitelist + token can both be active — both checks must pass. - #5345: Default channels for invite joiners + private-channel safety fix. When someone joins via the server invite code or vanity link, admins can curate exactly which public channels they auto-land in via a checkbox list under Settings → Admin → Server Invite Code. "Select all" stores no allowlist (every public channel — default behavior). Critically, the auto-join logic was tightened so private parent channels (
is_private = 1orcode_visibility = 'private') are now never unlocked by an invite code regardless of the allowlist — previously a private top-level channel was being granted alongside everything else.
Fixed
- #5280: Burn-after-read DM toggle is now a true on/off toggle. The 🔥 button used to auto-disarm itself after a single message even though the click handler reads as a toggle. Now the armed state persists across messages until the user clicks the button again to disarm (or switches out of the DM channel, which still clears it for safety).
- Style: fallout/matrix theme button border reduced from 2px to 1px for a slightly less chunky look.
Full changelog: https://github.com/ancsemi/Haven/blob/main/CHANGELOG.md